gfwleak/tango-tfe
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🐞 fix(TSG-16240): 修复Intercept选择http协议时,日志中Intercept Status值为passthrough

Browse Source
This commit is contained in:
wangmenglan
2023-08-28 15:40:12 +08:00
parent 9f2bf29f67
commit 420e41cda8
3 changed files with 162 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
common/src/tfe_packet_io.cpp
View File

@@ -1029,6 +1029,9 @@ static void send_event_log(struct session_ctx *s_ctx, int thread_seq, void *ctx)
char *data = NULL;
size_t size;
mpack_writer_t writer;
if (s_ctx->protocol != STREAM_PROTO_SSL)
return;
mpack_writer_init_growable(&writer, &data, &size);
// root map
@@ -1224,6 +1227,7 @@ static int handle_session_opening(struct metadata *meta, struct ctrl_pkt_parser
TFE_LOG_ERROR(logger, "%s: incorrect dataoffset in the control zone of session %lu, offset:%u, l7offset:%u, payload:%p, raw_data:%p", LOG_TAG_PKTIO, meta->session_id, offset, meta->l7offset, payload, meta->raw_data);
}
raw_packet_parser_get_most_inner_tuple4(&raw_parser, &inner_tuple4, logger);
tfe_cmsg_get_value(parser->cmsg, TFE_CMSG_TCP_RESTORE_PROTOCOL, (unsigned char *)&stream_protocol_in_char, sizeof(stream_protocol_in_char), &size);
ret = intercept_policy_enforce(thread->ref_proxy->int_ply_enforcer, parser->cmsg);
if (ret != 0) {
@@ -1278,7 +1282,6 @@ static int handle_session_opening(struct metadata *meta, struct ctrl_pkt_parser
goto passthrough;
}
tfe_cmsg_get_value(parser->cmsg, TFE_CMSG_TCP_RESTORE_PROTOCOL, (unsigned char *)&stream_protocol_in_char, sizeof(stream_protocol_in_char), &size);
tfe_cmsg_get_value(parser->cmsg, TFE_CMSG_TCP_DECRYPTED_TRAFFIC_STEERING, (unsigned char *)&enable_decrypted_traffic_steering, sizeof(enable_decrypted_traffic_steering), &size);
if ((STREAM_PROTO_PLAIN == (enum tfe_stream_proto)stream_protocol_in_char && thread->ref_proxy->traffic_steering_options.enable_steering_http) ||
(STREAM_PROTO_SSL == (enum tfe_stream_proto)stream_protocol_in_char && thread->ref_proxy->traffic_steering_options.enable_steering_ssl) ||
@@ -1338,6 +1341,7 @@ passthrough:
s_ctx->raw_meta_e2i = metadata_new();
s_ctx->ctrl_meta = metadata_new();
s_ctx->protocol = stream_protocol_in_char;
s_ctx->ref_thread_ctx = thread;
s_ctx->session_id = meta->session_id;
s_ctx->session_addr = addr_tuple4_to_str(&inner_tuple4);